I am running Avast 4.8 with Vista Home Premium SP 2 and a cable internet connection. Earlier today I got the following message from Avast:
Sign of “JS:Redirector-AH [trj]” has been found in “hXXttp:/roxobels.com/?id=21217364\{gzip}” file.
Below the message were words to the effect that I could stop this Trojan from completing the download by pressing the “stop” button, which I did. I can no longer find the complete original screen message so the words about the “stop” button may not have been exactly how I described it. The message beginning with “Sign of”…and ending with “file” is right out of the Avast Log Viewer however and is verbatim.
Once I pressed the “stop” button, the message disappeared completely from my screen and the only trace I have been able to find of this incident since then is the one line message in the Log Viewer that I have displayed in the second paragraph above.
I have been able to find no information about a Trojan call “JS:Redirector-AH” or the web site “roxobels.com” anywhere on the internet. I am left wondering what exactly happened and what the status of my system is at this point. I ran a complete system scan with Avast and the latest signature files and there were no errors found. Also, there are no Trojans (or any other recent infected files) in the Avast virus chest.
Can anyone tell me what happened here? Did I stop the Trojan before it got completely loaded onto my system or is there something more I need to do? And if it did attempt to download, how did I get it in the first place? I have never directly visited a web site called “roxobels.com” (it is NOT the web site that I was visiting at the time I received this message) nor can I find any evidence of such a web site in my browser history files (I use Firefox 3.5.2). For that matter, doing a Google search, I can find no evidence any web site named “roxobels.com” exists now or ever did exist.
Thanks in advance for any input.
